In the May 13, 2025 Patch Tuesday, Microsoft released security updates for 72 vulnerabilities, including five zero-day flaws that were actively exploited in the wild.
Actively Exploited Zero-Days (May 2025)
| CVE | Vulnerability Title | Impact | CVSS |
|---|---|---|---|
| CVE-2025-32701 | Windows Common Log File System (CLFS) Driver | Elevation of Privilege (EoP) | 7.8 |
| CVE-2025-32706 | Windows Common Log File System (CLFS) Driver | Elevation of Privilege (EoP) | 7.8 |
| CVE-2025-30400 | Microsoft DWM Core Library | Elevation of Privilege (EoP) | 7.8 |
| CVE-2025-32709 | Windows Ancillary Function Driver (AFD) for WinSock | Elevation of Privilege (EoP) | 7.8 |
| CVE-2025-30397 | Microsoft Scripting Engine | Remote Code Execution (RCE) | 7.5 |
Summary of the 72 Vulnerabilities
- Elevation of Privilege: 18 flaws
- Remote Code Execution: 28 flaws (including 5-6 rated Critical)
- Information Disclosure: 14-15 flaws
Publicly Disclosed (But Not Exploited)
- CVE-2025-26685: Microsoft Defender for Identity Spoofing Vulnerability.
Beyond security, this update was notable for including a ~4GB download for Windows 11 24H2 users, which bundled new AI features like Recall and Click to Do for Copilot+ PCs.
